package controller;


import entity.Employee;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import service.EmployeeService;
import service.Impl.EmployeeServiceImpl;

import javax.servlet.http.HttpSession;

/**
 * 认证控制器
 * 处理登录、登出和密码修改等认证相关功能
 */
@Controller
@RequestMapping("/auth")
public class AuthController {
    
    @Autowired
    private EmployeeServiceImpl employeeService;
    

    @GetMapping("/login")
    public String toLogin() {
        // 返回登录页面
        return "/auth/login";
    }
    /**
     * 登录处理
     * @param empId 员工ID
     * @param password 密码
     * @param session HTTP会话
     * @return 登录结果
     */
    @PostMapping("/login")
    public String login(@RequestParam long empId,
                        @RequestParam String password,
                        HttpSession session,
                        RedirectAttributes redirectAttributes) {
        Employee employee = employeeService.Login(empId, password);
        if (employee != null) {
            // 登录成功，将用户信息存入session
            session.setAttribute("loginUser", employee);
            session.setAttribute("empId", employee.getEmpId());
            session.setAttribute("empRole", employee.getEmpRole());

            // 使用RedirectAttributes传递成功消息
            redirectAttributes.addFlashAttribute("success", true);
            redirectAttributes.addFlashAttribute("message", "登录成功");

            // 重定向到首页
            return "redirect:/auth/index";
        } else {
            // 登录失败，使用RedirectAttributes传递错误消息
            redirectAttributes.addFlashAttribute("success", false);
            redirectAttributes.addFlashAttribute("message", "员工号或密码错误");

            // 重定向回登录页
            return "redirect:/auth/login";
        }
    }
    /**
     * 跳转到首页
     * @return 首页视图
     */
    @GetMapping("/index")
    public String toIndex() {
        return "index";
    }

    /**
     * 跳转到个人信息页面
     */
    @GetMapping("/profile")
    public String toProfile() {
        return "auth/profile";
    }



    
    /**
     * 退出登录
     * @param session HTTP会话
     * @return 退出结果
     */
    @RequestMapping("/logout")
    public String logout(HttpSession session, RedirectAttributes redirectAttributes) {
        // 清除session中的用户信息
        session.removeAttribute("loginUser");
        session.removeAttribute("empId");
        session.removeAttribute("empRole");
        
        // 使用RedirectAttributes传递消息
        redirectAttributes.addFlashAttribute("success", true);
        redirectAttributes.addFlashAttribute("message", "已退出登录");
        
        // 重定向到登录页
        return "redirect:/auth/login";
    }


    /**
     * 跳转到修改密码页面
     */
    @GetMapping("/changePassword")
    public String toChangePassword() {
        return "auth/changePassword";
    }

    /**
     * 修改密码
     * @param oldPassword 旧密码
     * @param newPassword 新密码
     * @param session HTTP会话
     * @return 重定向到结果页面
     */

    @PostMapping("/changePassword")
    public String changePassword(@RequestParam String oldPassword,
                                 @RequestParam String newPassword,
                                 HttpSession session,
                                 RedirectAttributes redirectAttributes) {
        Long empId = (Long) session.getAttribute("empId");
        if (empId == null) {
            redirectAttributes.addFlashAttribute("success", false);
            redirectAttributes.addFlashAttribute("message", "未登录或会话已过期");
            return "redirect:/auth/login";
        }

        boolean success = employeeService.changePassword(empId, oldPassword, newPassword);
        if (success) {
            redirectAttributes.addFlashAttribute("success", true);
            redirectAttributes.addFlashAttribute("message", "密码修改成功");
            return "redirect:/auth/profile";
        } else {
            redirectAttributes.addFlashAttribute("success", false);
            redirectAttributes.addFlashAttribute("message", "原密码错误或修改失败");
            return "redirect:/auth/changePassword";
        }
    }






}
